prosody
15b375870b40
plugins/mod_saslauth.lua
Software / code / prosody
Comparison
plugins/mod_saslauth.lua @ 297:15b375870b40
Providing some human readable error messages and some fixes.
| author | Tobias Markmann <tm@ayena.de> |
|---|---|
| date | Sat, 15 Nov 2008 22:36:22 +0100 |
| parent | 294:5d861d6e5bbd |
| parent | 296:21835c4fc34f |
| child | 304:7b28fa8bbfe5 |
comparison
equal
deleted
inserted
replaced
| 294:5d861d6e5bbd | 297:15b375870b40 |
|---|---|
| 49 local func = function(x) return x; end; | 49 local func = function(x) return x; end; |
| 50 if password then | 50 if password then |
| 51 if mechanism == "PLAIN" then | 51 if mechanism == "PLAIN" then |
| 52 return func, password; | 52 return func, password; |
| 53 elseif mechanism == "DIGEST-MD5" then | 53 elseif mechanism == "DIGEST-MD5" then |
| 54 return func, require "hashes".md5(node..":"..host..":"..password); | 54 return func, require "md5".sum(node..":"..host..":"..password); |
| 55 end | 55 end |
| 56 end | 56 end |
| 57 return func, nil; | 57 return func, nil; |
| 58 end | 58 end |
| 59 | 59 |
| 60 function do_sasl(session, stanza) | 60 function sasl_handler(session, stanza) |
| 61 if stanza.name == "auth" then | |
| 62 -- FIXME ignoring duplicates because ejabberd does | |
| 63 session.sasl_handler = new_sasl(stanza.attr.mechanism, session.host, password_callback); | |
| 64 elseif not session.sasl_handler then | |
| 65 return; -- FIXME ignoring out of order stanzas because ejabberd does | |
| 66 end | |
| 61 local text = stanza[1]; | 67 local text = stanza[1]; |
| 62 if text then | 68 if text then |
| 63 text = base64.decode(text); | 69 text = base64.decode(text); |
| 64 if not text then | 70 if not text then |
| 65 session.sasl_handler = nil; | 71 session.sasl_handler = nil; |
| 72 local s = build_reply(status, ret, err_msg); | 78 local s = build_reply(status, ret, err_msg); |
| 73 log("debug", "sasl reply: "..tostring(s)); | 79 log("debug", "sasl reply: "..tostring(s)); |
| 74 session.send(s); | 80 session.send(s); |
| 75 end | 81 end |
| 76 | 82 |
| 77 add_handler("c2s_unauthed", "auth", xmlns_sasl, | 83 add_handler("c2s_unauthed", "auth", xmlns_sasl, sasl_handler); |
| 78 function (session, stanza) | 84 add_handler("c2s_unauthed", "abort", xmlns_sasl, sasl_handler); |
| 79 if not session.sasl_handler then | 85 add_handler("c2s_unauthed", "response", xmlns_sasl, sasl_handler); |
| 80 session.sasl_handler = new_sasl(stanza.attr.mechanism, session.host, password_callback); | |
| 81 do_sasl(session, stanza); | |
| 82 else | |
| 83 error("Client tried to negotiate SASL again", 0); | |
| 84 end | |
| 85 end); | |
| 86 | |
| 87 add_handler("c2s_unauthed", "abort", xmlns_sasl, | |
| 88 function(session, stanza) | |
| 89 if not session.sasl_handler then error("Attempt to abort when sasl has not started"); end | |
| 90 do_sasl(session, stanza); | |
| 91 end); | |
| 92 | |
| 93 add_handler("c2s_unauthed", "response", xmlns_sasl, | |
| 94 function(session, stanza) | |
| 95 if not session.sasl_handler then error("Attempt to respond when sasl has not started"); end | |
| 96 do_sasl(session, stanza); | |
| 97 end); | |
| 98 | 86 |
| 99 add_event_hook("stream-features", | 87 add_event_hook("stream-features", |
| 100 function (session, features) | 88 function (session, features) |
| 101 if not session.username then | 89 if not session.username then |
| 102 t_insert(features, "<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>"); | 90 t_insert(features, "<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>"); |
